Conducting a review of apps and add-ons in Splunk Enterprise
This article offers a checklist of tasks to assist self-service customers in reviewing apps and add-ons on Splunk Enterprise. This is one of many processes involved in Running a Splunk platform health check.
Objective
Review the configurations in a Splunk app or technology add-on and make recommendations based on Splunk best practices
In-scope
- Searches, reports, alerts
- Dashboards
- Data onboarding
- Index time, user, and other settings
- Validate app or technology add-on by AppInspect
Out-of-scope
Modifications to any Splunk configurations outside the Splunk app or technology add-on
Task-specific assumptions
- A subject matter expert for each of the vendor technologies involved is available
- Configurations made to add-ons might require additional configuration not considered in this statement of work (SOW) when upgrading to subsequent versions of the add-ons
- The person conducting this analysis has access to and documentation describing the structure and contents of the data source or destination
Additional resources
Splunk Professional Services can assist with this or any other process involved in conducting a Splunk platform health check. Click here to learn more about working with Professional Services.